考えよう / JenkinsをSSL化する場合の例
参考
nginx実践ガイド impress top gearシリーズ
worker_processes 5;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
upstream jenkins {
server 127.0.0.1:8080 fail_timeout=0;
}
server {
listen 443 ssl;
server_name ホスト名;
ssl_certificate サーバ証明書;
ssl_certificate_key 秘密鍵;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
proxy_redirect off;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://jenkins;
}
}
}upstream
keepalive
server
proxy_pass
proxy_redirect
proxy_set_header
real_ip_header